E-Signatures: Unsung Hero of the EU’s Digital Single Market

Posted by John Jolliffe, European Government Relations Lead, and Andrea Valle, Senior Product Manager for Document Cloud

When European Commission President Jean-Claude Juncker launched the EU’s Digital Single Market programme back in 2015 it was issues like geo-blocking and the possible regulation of online platforms that attracted most of the media attention. But when it comes to actually creating a digital single market – removing the regulatory obstacles that prevent companies from doing business across borders – it’s the less glamorous and more technical work of the European Commission that is often more impactful.

Electronic Signatures are one such example. The new eIDAS Regulation, which comes into effect this July, will smooth away differences in the way different legal systems in Europe treat electronic signatures, harmonise technical standards and provide legal backing for new ways to use electronic signatures.

At Adobe we’re convinced that these new rules will help businesses, citizens and governments in the EU save time, cut costs, protect the environment and increase efficiency wherever processes require a signature. So today, in response to user feedback, we’re announcing some important new features that will not simply make sure our solutions comply with the new rules, but which we think will support the adoption of e-signatures in Europe:

New indication of the “Source of trust” of PDF digital signatures: back in October 2015 we announced support for EU Trusted Lists, enabling users of the ubiquitous Adobe Acrobat and Acrobat Reader software to verify signed documents based on certificates issued by providers accredited in the EU. Now Acrobat and Reader will also indicate whether a signature is trusted by a provider listed in the EU Trusted Lists, in the Adobe Authorized Trust List (AATL), or by some other trusted sources.

New indication of EU Qualified Certificates. Acrobat is now able to recognize EU Qualified Certificates, in line with new ETSI standards and to display the information in the Signature Properties, in line with the requirements of the eIDAS Regulation.
A Qualified Certificate can only be issued by a Qualified Trust Service Provider according to standardized procedures aimed at verifying the identity of the subject to whom it is issued.

New indication of EU Qualified Electronic Signatures and Seals. An EU Qualified Electronic Signature (QES) is an advanced electronic signature based on a Qualified Certificate created by a Qualified Signature Creation Device (QSCD).
Adobe Acrobat is now able to recognize these elements and to indicate when both apply and that the signature is considered as Qualified.
Similarly, when a signature is created with a Qualified Certificate for Seals, Acrobat will indicate a Qualified Electronic Seal to confirm that an electronic document was issued by a legal person.

Full support of the PAdES Baseline profiles in line with the latest ETSI standards. PAdES is a profile of PDF digital signatures created by ETSI, which ensures compliance with the eIDAS Regulation and improves the interoperability of electronic procedures.

We’re excited by these updates which, we think, will help eIDAS succeed where the 1999 e-Signature Directive failed and finally persuade businesses to move away from the analogue way of doing business – a “wet ink” signature on a piece of paper – and to embrace digital technology. Europe is only beginning to see what electronic signatures can do, and Adobe will be there with more updates and features in the future.

Hi John! We are preparing a detailed post on these new features, but let me anticipate that “Source of Trust” will provide information on all sources of trust known to Acrobat: the AATL, the EUTL, CDS and the Operating System’s trust store (when enabled in the preferences).
In particular for CDS certificates they will show as “Source of Trust obtained from Adobe Root CA”.

I am also curious about this “Source of Trust” feature. How does it exactly work? Does it automatically obtain intermediate and root certificates (if not embedded in the document or present in a certificate store on the signature creating/validating machine) or will it just check if the trusted root certificate is in the AATL/EUTL?
Also is there a documentation on how to use these trust list services?

Hi Daniel,
this feature does not change the way Acrobat builds the certificate chain in order to validate a digital signature. If the intermediate certificates would not be available in either the signature or the trust store, Acrobat will try to fetch them online by following the information contained in the AIA certificate extension to retrieve the certificate issuer’s certificate.
This feature will automatically determine the source of the trust anchor that is used to validate the chain of the signature’s certificate.
There’s no special documentation on how to use it. It would just display in the Signature Panel and in the Trust tab of the Certificate Viewer.